How could DDoS affect you?

When hackers or cybercriminals launch a Distributed Denial of Service (DDoS) attack, the damage – and the costs – can be devastating for the business that’s being targeted. DDoS attacks are used to disable the targeted organization’s online presence or key business processes – and that can have long lasting impact for the victim. Is your business doing all it can to achieve effective DDoS attack protection?

Keeping your business online

With online activities playing an increasingly important role in virtually every business’s day-to-day interactions with customers, suppliers and employees, no business can afford to ignore today’s growing DDoS risks. Your online services – and all of your IT infrastructure – are just too important to leave unguarded:

Your customers are more demanding than ever

They expect ‘always on’ access to products and services – and that means unplanned downtime isn’t an option if your business is going to keep hitting its targets for customer satisfaction levels

Your own team needs reliable access to key services

Many of your employees simply can’t perform their work tasks if any of your critical systems are taken out of action by a DDoS attack

The effects of an attack can be far-reaching

Even though the attack may be targeting a specific element of your infrastructure, it could affect other areas of your business. For example, an attack against a bank’s internal systems could also disable its entire network of ATMs (Automated Teller Machines).

Financial damage... and more

The direct financial costs of recovering from a DDoS attack can be massive… and the reputational damage can keep adding to those costs over the long term:

Confusion causes even more damage

If your business is subjected to a DDoS attack, it could also suffer additional losses that result from misconceptions about exactly what a DDoS attack is – and how it could affect your customers. Even though DDoS attacks are unlikely to have any effect on your customers’ security, can you be sure your customers will understand this?

Whenever customers hear about a ‘security incident’ – any security incident – some may fear that their confidential information, bank details and credit card numbers could be at risk. Even though these fears may be totally illogical – and stem from customers’ misunderstandings about the nature of DDoS attacks – your business could still suffer.

Scale of the threats

DDoS attacks are nothing new. They’ve been a threat for many years. However, the level of danger is much higher than in previous years.

Recently, because the cost of launching a DDoS attack has reduced, the volume of attacks has rapidly increased.

At the same time, today’s attacks are much more complex and sophisticated – so you need to do much more to defend against them.

Anti-DDoS solutions: Protecting against modern DDoS attacks

Yesterday’s defenses can’t protect you today

The scale and sophistication of DDoS attacks has evolved. Unfortunately, this means today’s complex attacks are:

Much more difficult to guard against

Even harder for a business to recover from

In addition, the sheer scale of a typical attack can rapidly overwhelm the target’s infrastructure. With today’s attacks often running at 80 – 100 Gb per second, the bandwidth of typical corporate networks can be saturated in just a few seconds.

All of this means that the simple prevention techniques – that were still effective only a few years ago – no longer offer adequate DDoS attack protection. Businesses are no longer able to defend against attacks, without using specialist defense services. The threats have become more devious… so your protection measures have to be even more capable.

How DDoS attacks overwhelm businesses

There are many different ways for hackers to overload the target business’s IT infrastructure – to cause a ‘denial of service’. Some of the most common types of attack include:

Special sensor

Kaspersky Lab provides special sensor software that runs at your site – and, as soon as it’s installed, the sensor software starts to collect statistics and build usage profiles that help it to protect your business.

It monitors your traffic and – by continually building up statistical data and behavioral analysis data – the sensor continuously enhances its ability to detect even very subtle anomalies that are characteristic of the start of a DDoS attack.

Because the sensor software runs on a standard x86 server or a virtual machine, there isn’t any non-standard hardware for you to maintain.

Cleaning Centers

In the event of a DDoS attack, we’ll alert you and give you the option of redirecting your traffic to Kaspersky Lab’s Cleaning Centers – and then having only ‘clean traffic’ returned to you.

We’ve invested in a distributed network of Cleaning Centers – to deliver a highly resilient and scalable traffic cleaning capability.

DDoS attack intelligence

Kaspersky Lab’s malware experts use sophisticated methods to monitor the DDoS threat landscape and keep ahead of the hackers – so that we can achieve earlier detection of DDoS attacks.

Because traditional DDoS prevention vendors don’t have security intelligence departments, this proactive layer of protection cannot be delivered by these vendors.

Solution benefits

Defending against the most complex DDoS attacks doesn’t have to be a complex task for your business.

With Kaspersky Lab’s integrated defenses on board, your IT and security teams are free to focus on your core business activities – safe in the knowledge that you’ve got multi-layered defenses against the most sophisticated attacks.

Kaspersky DDoS Protection Technology

Expertise is essential

Unlike virus attacks that tend to propagate automatically, DDoS attacks rely on human expertise – and that can make DDoS attacks particularly difficult to defend against… unless you have the Kaspersky Lab experts helping to protect you.

For virtually every DDoS attack:

Hackers research their target
The attackers assess vulnerabilities within the target business’s online presence – and then preselect the attack tools that are most likely to achieve the hacker’s malicious objectives.

Cybercriminals adapt their tactics
Working in real time – during the attack – hackers constantly change tactics, adapt their approach and select different tools… in order to maximize the damage they can inflict.

Because real people are constantly fine tuning almost every ‘live’ DDoS attack, you need real DDoS mitigation experts fighting against your attackers in real time… and that’s exactly what Kaspersky DDoS Protection delivers.

Inline versus non-inline

In the past, some vendors proposed the use of a hybrid defense that included an inline appliance and remote cleaning centers. The inline appliance would continually intercept the business’s traffic and provide some level of defense for small attacks – and only suggest redirecting traffic if a large attack was detected. However, with the vast majority of today’s attacks now able to overwhelm the capacity of both an inline appliance and the targeted business’s Internet connection – within a few seconds – this approach is now outdated, and it can introduce delays before traffic is redirected to a cleaning center.

Kaspersky DDoS Protection uses a non-inline sensor that continuously monitors your traffic – without intercepting it. As soon as the sensor detects a potential attack, you have the option of redirecting all traffic to one of Kaspersky Lab’s cleaning centers.

Because Kaspersky Lab’s solution totally avoids the use of inline appliances:

You have greater control over whether your traffic is redirected to cleaning centers
You benefit from DDoS protection that also achieves a lower rate of false positives

Greater visibility – across your business

Although no one can stop cybercriminals targeting your business, Kaspersky Lab is ideally placed to deliver a rapid response to any DDoS attack. Then – after we’ve defended you against the attack and mitigated the effects – we’ll deliver detailed, post-attack analysis and reporting on exactly:

What happened

How long it lasted

How Kaspersky DDoS Protection dealt with the attack

... so every level of your business benefits from clear visibility of the issues.

Far-ranging protection

Whereas some vendors can protect against volumetric attacks and other vendors’ offerings are more suited to defending against application layer attacks, Kaspersky Lab provides effective protection and mitigation for all types of DDoS attacks, including:

Unique combination of skills

Because today’s DDoS attacks are much more sophisticated, an intelligence-led approach to defense is vitally important. No other DDoS prevention solution vendor has our background in IT security – so no other vendor has a dedicated attack intelligence team.

Because we’re the first anti-malware vendor to offer a DDoS protection solution, we’re able to provide a unique combination of statistical analysis, behavior analysis and DDoS attack intelligence… for more thorough defense.

Improved sensitivity – for improved detection

Some vendors are only able to provide broad monitoring of the entire communication channel. However, Kaspersky Lab’s solution is capable of granular analysis – so we can detect even smaller deviations from normal traffic and normal behavior.

In addition, we use special techniques that let us filter traffic at points that are as close as possible to the source of an attack.

Integrated teams – for a tightly integrated solution

Because all of the software inside Kaspersky Lab’s DDoS Protection solution – and other security products – is developed by the company’s own, in-house experts:

We have full control of the development cycle

We can react more rapidly to changes in the DDoS attack landscape

Furthermore, our DDoS Emergency Response Team works very closely with Kaspersky Lab’s lead engineers and solution architects. Communication lines are short and feedback loops are very responsive – so we can rapidly deliver new plug-ins that defend against new application layer attacks.

The theft of sensitive production data and Distributed Denial of Service (DDoS) attacks on key online services are two of the most serious threats faced by this leading food production company. Kaspersky Lab ensured it stayed protected -without impacting on process availability.